first commit

app/api/controller/Ajax.php

@@ -0,0 +1,103 @@
+<?php
+declare (strict_types=1);
+
+namespace app\api\controller;
+
+use app\ApiController;
+
+use app\common\library\Email;
+use app\common\library\Sms;
+use app\common\model\system\User;
+use think\db\exception\DataNotFoundException;
+use think\db\exception\DbException;
+use think\db\exception\ModelNotFoundException;
+
+/**
+ * 异步调用
+ */
+class Ajax extends ApiController
+{
+
+    public $needLogin = true;
+
+    /**
+     * 发送短信
+     * @return mixed|void
+     * @throws DataNotFoundException
+     * @throws DbException
+     * @throws ModelNotFoundException
+     */
+    public function smsSend()
+    {
+        if (request()->isPost()) {
+
+            $mobile = input('mobile');
+            $event = input('event', 'register');
+
+            if (!is_mobile($mobile)) {
+                return $this->error('手机号码不正确');
+            }
+
+            $sms = Sms::instance();
+            $data = $sms->getLast($mobile);
+            if ($data && (time() - strtotime($data['create_time'])) < 60) {
+                return $this->error(__('发送频繁'));
+            }
+
+            $userinfo = User::getByMobile($mobile);
+            if (in_array($event, ['register', 'changer']) && $userinfo) {
+                return $this->error('当前手机号已被占用');
+            } else if ($event == 'forgot' && !$userinfo) {
+                return $this->error('当前手机号未注册');
+            }
+
+            if ($sms->send($mobile, $event)) {
+                return $this->success("验证码发送成功！");
+            } else {
+                return $this->error($sms->getError());
+            }
+        }
+
+        return json(['msg' => 'success', 'data' => 'Hello']);
+    }
+
+    /**
+     * 发送邮件
+     * @return mixed|void
+     * @throws DataNotFoundException
+     * @throws DbException
+     * @throws ModelNotFoundException
+     */
+    public function emailSend()
+    {
+        if (request()->isPost()) {
+
+            $email = input('email');
+            $event = input('event', 'register');
+
+            if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
+                return $this->error('邮件格式不正确');
+            }
+
+            $Ems = Email::instance();
+            $data = $Ems->getLast($email);
+
+            if ($data && (time() - strtotime($data['create_time'])) < 60) {
+                return $this->error(__('发送频繁'));
+            }
+
+            $userinfo = User::getByEmail($email);
+            if (in_array($event, ['register', 'changer']) && $userinfo) {
+                return $this->error('当前邮箱已被注册');
+            } else if ($event == 'forgot' && !$userinfo) {
+                return $this->error('当前邮箱不存在');
+            }
+
+            if ($Ems->captcha($email, $event)->send()) {
+                return $this->success("验证码发送成功！");
+            } else {
+                return $this->error($Ems->getError());
+            }
+        }
+    }
+}

app/api/controller/Index.php

@@ -0,0 +1,27 @@
+<?php
+declare (strict_types=1);
+// +----------------------------------------------------------------------
+// | swiftAdmin 极速开发框架 [基于WebMan开发]
+// +----------------------------------------------------------------------
+// | Copyright (c) 2020-2030 http://www.swiftadmin.net
+// +----------------------------------------------------------------------
+// | swiftAdmin.net High Speed Development Framework
+// +----------------------------------------------------------------------
+// | Author: meystack <coolsec@foxmail.com>  Apache 2.0 License
+// +----------------------------------------------------------------------
+namespace app\api\controller;
+
+use app\ApiController;
+
+/**
+ * API接口前端示例文件
+ */
+class Index extends ApiController
+{
+    // 首页展示
+    public function index(): \support\Response
+    {
+        return json(['msg' => 'success', 'data' => 'Hello']);
+    }
+
+}

app/api/controller/User.php

@@ -0,0 +1,103 @@
+<?php
+declare (strict_types = 1);
+
+namespace app\api\controller;
+
+use app\ApiController;
+use app\common\library\ResultCode;
+use app\common\library\Sms;
+use app\common\library\Upload;
+use think\db\exception\DataNotFoundException;
+use think\db\exception\DbException;
+use think\db\exception\ModelNotFoundException;
+
+/**
+ * API用户登录
+ */
+class User extends ApiController
+{
+    /**
+     * 需要登录
+     * @var bool
+     */
+	public $needLogin = true;
+
+    /**
+     * 非鉴权方法
+     * @var array
+     */
+    public $noNeedAuth = ['register', 'login'];
+
+    /**
+     * 用户注册
+     * @return mixed|void
+     * @throws DataNotFoundException
+     * @throws DbException
+     * @throws ModelNotFoundException
+     */
+    public function register()
+    {
+        if (request()->isPost()) {
+
+            // 获取参数
+            $post = input('post.');
+
+            // 获取注册方式
+            $registerType = saenv('user_register');
+
+            if ($registerType == 'mobile') {
+                $mobile = input('mobile');
+                $captcha = input('captcha');
+
+                // 校验手机验证码
+                if (!Sms::instance()->check($mobile, $captcha, 'register')) {
+                    return $this->error(Sms::instance()->getError());
+                }
+            }
+
+            $response = $this->auth->register($post);
+            if (!$response) {
+                return $this->error($this->auth->getError());
+            }
+
+            return $response->withBody(json_encode(ResultCode::REGISTERSUCCESS));
+        }
+    }
+
+    /**
+     * 用户登录
+     * @return mixed|void
+     */
+    public function login() {
+
+        if (request()->isPost()) {
+			// 获取参数
+			$nickname = input('nickname');
+            $password = input('pwd');
+
+            $response = $this->auth->login($nickname, $password);
+            if (!$response) {
+                return $this->error($this->auth->getError());
+            }
+
+            $response->withBody(json_encode(array_merge(ResultCode::LOGINSUCCESS, ['token' => $this->auth->token])));
+            return $response;
+		}
+
+        return $this->throwError();
+    }
+
+    /**
+     * 文件上传
+     */
+    public function upload()
+    {
+        if (request()->isPost()) {
+            $file = Upload::instance()->upload();
+            if (!$file) {
+                return $this->error(Upload::instance()->getError());
+            }
+            return json($file);
+        }
+    }
+}

app/api/middleware/system/ApiPermissions.php

@@ -0,0 +1,76 @@
+<?php /** @noinspection ALL */
+
+namespace app\api\middleware\system;
+
+use app\common\library\Auth;
+use app\common\library\ResultCode;
+use Webman\Event\Event;
+use Webman\MiddlewareInterface;
+use Webman\Http\Response;
+use Webman\Http\Request;
+
+/**
+ * API权限中间件
+ * @package app\api\middleware\system
+ * @author meystack <
+ */
+class ApiPermissions implements MiddlewareInterface
+{
+    /**
+     * 控制器登录鉴权
+     * @var bool
+     */
+    public $needLogin = false;
+
+    /**
+     * API验证流程
+     * @var bool
+     */
+    public $authWorkflow = true;
+
+    /**
+     * 非鉴权方法
+     * @var array
+     */
+    public $noNeedAuth = [];
+
+    /**
+     * 校验权限
+     * @param Request $request
+     * @param callable $handler
+     * @return Response
+     */
+    public function process(Request $request, callable $handler): Response
+    {
+        $app = request()->getApp();
+        $controller = request()->getController();
+        $action = request()->getAction();
+        $method = $controller . '/' . $action;
+        $className = '\app' . $app . '\\controller\\' . $controller;
+        $className = str_replace('/', '\\', $className);
+        if (class_exists($className)) {
+            $refClass = new \ReflectionClass($className);
+            $property = $refClass->getDefaultProperties();
+            $this->needLogin = $property['needLogin'] ?? false;
+            $this->noNeedAuth = $property['noNeedAuth'] ?? [];
+        }
+
+        $auth = Auth::instance();
+        if ($auth->isLogin()) {
+            $request->userId = $auth->userInfo['id'];
+            $request->userInfo = $auth->userInfo;
+            if ($this->authWorkflow && Event::hasListener('apiAuth')) {
+                $result = Event::emit('apiAuth', ['method' => $method, 'userId' => $request->userId], true);
+                if (isset($result['code']) && $result['code'] != 200) {
+                    return json($result);
+                }
+            }
+        } else {
+            if ($this->needLogin && !in_array($action, $this->noNeedAuth)) {
+                return json(ResultCode::AUTH_ERROR);
+            }
+        }
+
+        return $handler($request);
+    }
+}